[Bro] Bro vs Netflow
Seth Hall
seth at icir.org
Mon Jun 22 13:44:15 PDT 2015
> On Jun 22, 2015, at 4:37 PM, James Lay <jlay at slave-tothe-box.net> wrote:
>
> I took out softflowd and reverted to my previous version of logstash.conf. I have to say, it was pretty cool to have my Kibana graphs up of Bro's conn.log and softflowd side by side to compare....was pretty awesome.
Nice, did you notice any major discrepancies?
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150622/1e56d45a/attachment.bin
More information about the Bro
mailing list